403 Forbidden Error


#1

When I try and access my local network testing 192.168.0.135/nagios/ I get this:

Forbidden
You don’t have permission to access /nagios/ on this server.


Apache/2.0.49 (Fedora) Server at 192.168.0.135 Port 80

I don’t have any .htaccess files, or anything relating to authorisation in httpd.conf (only the two tags that I’m told to put in - before setting up the restricted access).
Other directories work - but they dont have tags in httpd.conf, they are just in the /var/www/html dir.

Help anyone??


#2

Sounds like you missed the section in the docs “Authentication And Authorization In The CGIs” nagios/docs/cgiauth.html
Here is the quote from docs
"Setting Up Authenticated Users

Now that you’ve configured the web server to require authentication for access to the CGIs, you’ll need to configure users who can access the CGIs. This is done by using the htpasswd command supplied with Apache.

Running the following command will create a new file called htpasswd.users in the /usr/local/nagios/etc directory. It will also create an username/password entry for nagiosadmin. You will be asked to provide a password that will be used when nagiosadmin authenticates to the web server.

htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

Continue adding more users until you’ve created an account for everyone you want to access the CGIs. Use the following command to add additional users, replacing with the actual username you want to add. Note that the -c option is not used, since you already created the initial file.

htpasswd /usr/local/nagios/etc/htpasswd.users

Okay, so you’re done with the first part of what needs to be done. If you point your web browser to your Nagios CGIs you should be asked for a username and password. If you have problems getting user authentication to work at this point, read your webserver documentation for more info. "


#3

It says in the documentation, that you should be able to access the /nagios/ directory BEFORE configuring the authorisation (see bottom of ‘Setting up the web interface’)
If thats the case - I should be able to access that directory at my current configuration status.


#4

Check the permission’s on the directory and files in /usr/local/nagios/share.
Check your apache error log and see if it gives you more clues.
Check your cgi.cfg file for use_authentication= What is this set at?
The following must come BEFORE the latter in your httpd.conf
ScriptAlias /nagios/cgi-bin/ /usr/local/nagios/sbin/
<Directory “/usr/local/nagios/sbin/”>
AllowOverride AuthConfig
Options ExecCGI
Order allow,deny
Allow from all

Alias /nagios/ /usr/local/nagios/share/
<Directory “/usr/local/nagios/share”>
Options None
AllowOverride AuthConfig
Order allow,deny
Allow from all


#5

It cant be the cgi file because nagios is not running. You should be able to access the /nagios/ dir without any further config (up to where it tells you to check it in the Docs). I have the above Alias’ in the correct order and I’ve checked them many times. Where is the apache error log kept???


#6

I found and checked my error log. Heres the error I’ve found that looks like the cause, but I dont know what to do about it!
[Sat Feb 19 18:52:06 2005] [error] [client 192.168.0.10] client denied by server configuration: /usr/share/nagios/


#7

/usr/share/nagios??? I thought that nagios html files lived in /usr/local/nagios/share
Post your httpd.conf, just the part about nagios stuff though.


#8

Heres the alias’ direct from my httpd.conf file :slight_smile:

ScriptAlias /nagios/cgi-bin /usr/local/nagios/sbin
<Directory “/usr/local/nagios/sbin”>
AllowOverride AuthConfig
Options ExecCGI
Order allow,deny
Allow from all

Alias /nagios /usr/local/nagios/share
<Directory “/usr/local/nagios/share”>
Options None
AllowOverride AuthConfig
Order allow,deny
Allow from all


#9

The apache error log complained about /usr/share/nagios, so it must be in the httpd.conf file somewhere.